+define Package/iptables/Default
+ SECTION:=net
+ CATEGORY:=Network
+ URL:=http://netfilter.org/
+endef
+
+define Package/iptables/Module
+$(call Package/iptables/Default)
+ DEPENDS:=iptables $(1)
+endef
+
+define Package/iptables
+$(call Package/iptables/Default)
+ TITLE:=IPv4 firewall administration tool
+ MENU:=1
+ DEPENDS+= +kmod-ipt-core +libiptc +libxtables
+endef
+
+define Package/iptables/description
+ IPv4 firewall administration tool.
+ Includes support for:
+ - comment
+ - limit
+ - LOG
+ - mac
+ - multiport
+ - REJECT
+ - TCPMSS
+endef
+
+define Package/iptables-mod-conntrack
+$(call Package/iptables/Module, +kmod-ipt-conntrack)
+ TITLE:=Basic connection tracking extensions
+endef
+
+define Package/iptables-mod-conntrack/description
+ Basic iptables extensions for connection tracking.
+ Includes:
+ - state
+endef
+
+define Package/iptables-mod-conntrack-extra
+$(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
+ TITLE:=Extra connection tracking extensions
+endef
+
+define Package/iptables-mod-conntrack-extra/description
+ Extra iptables extensions for connection tracking.
+ Includes:
+ - libipt_conntrack
+ - libipt_helper
+ - libipt_connmark/CONNMARK
+endef
+
+define Package/iptables-mod-filter
+$(call Package/iptables/Module, +kmod-ipt-filter)
+ TITLE:=Content inspection extensions
+endef
+
+define Package/iptables-mod-filter/description
+ iptables extensions for packet content inspection.
+ Includes:
+ - libipt_string
+ - libipt_layer7
+endef
+
+define Package/iptables-mod-imq
+$(call Package/iptables/Module, +kmod-ipt-imq)
+ TITLE:=IMQ support
+endef
+
+define Package/iptables-mod-imq/description
+ iptables extension for IMQ support.
+ Includes:
+ - libipt_IMQ
+endef
+
+define Package/iptables-mod-ipopt
+$(call Package/iptables/Module, +kmod-ipt-ipopt)
+ TITLE:=IP/Packet option extensions
+endef
+
+define Package/iptables-mod-ipopt/description
+ iptables extensions for matching/changing IP packet options.
+ Includes:
+ - libipt_CLASSIFY
+ - libipt_dscp/DSCP
+ - libipt_ecn/ECN
+ - libipt_length
+ - libipt_mac
+ - libipt_mark/MARK
+ - libipt_statistic
+ - libipt_tcpmms
+ - libipt_tos/TOS
+ - libipt_ttl/TTL
+ - libipt_unclean
+endef
+
+define Package/iptables-mod-ipsec
+$(call Package/iptables/Module, +kmod-ipt-ipsec)
+ TITLE:=IPsec extensions
+endef
+
+define Package/iptables-mod-ipsec/description
+ iptables extensions for matching ipsec traffic.
+ Includes:
+ - libipt_ah
+ - libipt_esp
+ - libipt_policy
+endef
+
+define Package/iptables-mod-ipset
+$(call Package/iptables/Module, @LINUX_2_6)
+ TITLE:=IPset iptables extensions
+endef
+
+define Package/iptables-mod-ipset/description
+ IPset iptables extensions.
+ Includes:
+ - libipt_set
+ - libipt_SET
+endef
+
+define Package/iptables-mod-nat
+$(call Package/iptables/Module, +kmod-ipt-nat)
+ TITLE:=Basic NAT extensions
+endef
+
+define Package/iptables-mod-nat/description
+ iptables extensions for basic NAT targets.
+ Includes:
+ - MASQUERADE
+ - SNAT
+ - DNAT
+endef
+
+define Package/iptables-mod-nat-extra
+$(call Package/iptables/Module, +kmod-ipt-nat-extra)
+ TITLE:=Extra NAT extensions
+endef
+
+define Package/iptables-mod-nat-extra/description
+ iptables extensions for extra NAT targets.
+ Includes:
+ - REDIRECT
+endef
+
+define Package/iptables-mod-ulog
+$(call Package/iptables/Module, +kmod-ipt-ulog)
+ TITLE:=user-space packet logging
+endef
+
+define Package/iptables-mod-ulog/description
+ iptables extensions for user-space packet logging.
+ Includes:
+ - libipt_ULOG
+endef
+
+define Package/iptables-mod-iprange
+$(call Package/iptables/Module, +kmod-ipt-iprange)
+ TITLE:=IP range extension
+endef
+
+define Package/iptables-mod-iprange/description
+ iptables extensions for matching ip ranges.
+ Includes:
+ - libipt_iprange
+endef
+
+define Package/iptables-mod-extra
+$(call Package/iptables/Module, +kmod-ipt-extra)
+ TITLE:=Other extra iptables extensions
+endef
+
+define Package/iptables-mod-extra/description
+ other extra iptables extensions.
+ Includes:
+ - libipt_owner
+ - libipt_physdev
+ - libipt_pkttype
+ - libipt_recent
+ - iptable_raw
+ - libipt_NOTRACK
+endef
+
+define Package/iptables-utils
+$(call Package/iptables/Module, )
+ TITLE:=iptables save and restore utilities
+endef
+
+define Package/ip6tables
+$(call Package/iptables/Default)
+ DEPENDS:=+kmod-ip6tables
+ CATEGORY:=IPv6
+ TITLE:=IPv6 firewall administration tool
+ MENU:=1
+endef
+
+define Package/ip6tables-utils
+$(call Package/iptables/Default)
+ DEPENDS:=ip6tables
+ CATEGORY:=IPv6
+ TITLE:=ip6tables save and restore utilities
+endef
+
+define Package/libiptc
+$(call Package/iptables/Default)
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=IPv4/IPv6 firewall - shared libiptc library
+endef
+
+define Package/libxtables
+ $(call Package/iptables/Default)
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=IPv4/IPv6 firewall - shared xtables library
+endef
+
+
+TARGET_CPPFLAGS := \
+ -I$(PKG_BUILD_DIR)/include \
+ -I$(LINUX_DIR)/arch/$(LINUX_KARCH)/include \
+ $(TARGET_CPPFLAGS)
+
+CONFIGURE_ARGS += \
+ --enable-shared \
+ --enable-devel \
+ --enable-ipv6 \
+ --with-kernel="$(LINUX_DIR)" \
+ --with-xtlibdir=/usr/lib/iptables
+
+IPTABLES_MAKEOPTS = \